Coinspect

• Name: Coinspect
• URL: https://www.coinspect.com/
• Category: blockchain security firm / public exploit-reproduction and wallet-security benchmarking infrastructure / web3 application and protocol security services
• Summary: Coinspect is a smaller security shop. Keep it for two things: the wallet-security benchmark work and the exploit-reproduction corpus. Those are real public artifacts, but this is still a secondary firm note, not a category anchor.
• What it does:
  • Provides security services spanning smart-contract audits, source-code audits, penetration testing, SDLC reinforcement, and security work for core L1/L2 systems, wallets, dApps, exchanges, and bridges
  • Maintains a public Wallet Security Ranking that scores wallets across dApp permissions, intent verification, threat prevention, and physical-access protections
  • Publishes a wallet-security framework and benchmark materials that document black-box and white-box security checks for web3 wallets
  • Maintains Learn EVM Attacks, an open-source Foundry-based repository of reproduced smart-contract exploits with runnable tests and contextual writeups
  • Publishes research posts and rankings that frame recurring failure modes and security maturity trends across wallets and DeFi systems
• Key claims:
  • The official site and GitHub organization describe Coinspect as defending decentralized systems since 2014 across L1 nodes, smart contracts, wallets, dApps, exchanges, and bridges, which is broader than a narrow Solidity-audit boutique
  • The Wallet Security Ranking page says the ranking is a public, fully open check-by-check report system designed to benchmark wallet security across consistent categories, not just a marketing leaderboard
  • The January 2026 ranking post says Coinspect evaluated 77 wallets and 2,233 individual security checks, and it frames the project as transparent, objective benchmarking meant to push wallet developers toward stronger defaults
  • The wallet-security-framework repository says Coinspect maintains both a developer/auditor control catalog and a black-box wallet security benchmark, which is strong evidence that the ranking rests on reusable methodology rather than ad hoc opinion
  • The Learn EVM Attacks repository says it reproduces 40+ real exploits with Foundry tests, and the 2026 blog post explains that Coinspect added an offline RPC-caching layer so the full corpus can run without live archive-node dependencies
  • The exploit corpus, wallet-security framework, and public ranking together show a firm building reusable public security infrastructure and educational tooling, not merely selling closed client reviews
• Whitepaper: No canonical standalone Coinspect whitepaper or litepaper surfaced in this pass. The clearest current source of truth is the official site, the wallet-ranking and methodology surfaces, and the public GitHub research/tooling repositories; see ../whitepapers/coinspect-primary-sources-2026-04-30.md.

Internal linkages

• Best upward reads: trail-of-bits and openzeppelin.

• Keep this note on reusable wallet-testing and exploit-reproduction work, not on generic audit-firm sprawl.

• Sources:

  • https://www.coinspect.com/
  • https://www.coinspect.com/wallets/
  • https://www.coinspect.com/blog/wallet-security-ranking-results-third-edition/
  • https://www.coinspect.com/blog/learn-evm-security/
  • https://github.com/coinspect
  • https://github.com/coinspect/wallet-security-framework
  • https://raw.githubusercontent.com/coinspect/wallet-security-ranking/main/README.md
  • https://raw.githubusercontent.com/coinspect/learn-evm-attacks/master/README.md

• Last reviewed: 2026-05-29 UTC